HackDig : Dig high-quality web security articles for hacker

Kaspersky Lab has been tracking a targeted attack actor’s activities in Japan and South Korea recently. This attacker has been using the XXMM malware toolkit, which was named after an original project path revealed through a pdb string inside the file: “C:\Users\123\documents\visual studio 2010\Projects\xxmm2\Release\test2.pdb”. We came across an u

The year in figures
According to Kaspersky Lab, in 2016:
The proportion of spam in email flows was 58.31%, which is 3.03 percentage points more than in 2015.
62.16% of spam emails were no more than 2 KB in size.
12.08% of spam was sent from the US.
Trojan.Win32.Bayrob was the most popular malware family distributed via email.
Germany (14.13%) was the countr

On January 10, 2017, a court order was declassified by the Italian police, in regard to a chain of cyberattacks directed at top Italian government members and institutions.
The attacks leveraged a malware named “EyePyramid” to target a dozen politicians, bankers, prominent freemasons and law enforcement personalities in Italy. These included Fab

Spam: quarterly highlights
Malicious spam
Throughout 2016 we have registered a huge amount of spam with malicious attachments; in the third quarter, this figure once again increased significantly. According to KSN data, in Q3 2016 the number of email antivirus detections totaled 73,066,751. Most malicious attachments cont

One piece of advice that often appears in closed message boards used by Russian cybercriminals is “Don’t work with RU”. This is a kind of instruction given by more experienced Russian criminals to the younger generation. It can be interpreted as: “don’t steal money from people in Russia, don’t infect their machines, don

Spam: features of the quarter
Trending: dramatic increase in volume of malicious spam
The first quarter of 2016 saw a dramatic increase in the number of unsolicited emails containing malicious attachments. Over the last two years the number of email antivirus detections on computers with a Kaspersky Lab product installed fluctuated between 3 and 6 million. A

Infecting the Master Boot Record (MBR) and encrypting files is nothing new in the world of malicious programs. Back in 1994, the virus OneHalf emerged that infected MBRs and encrypted the disk contents. However, that virus did not extort money. In 2011, MBR blocker Trojans began spreading (Trojan-Ransom.Win32.Mbro) that infected the MBR and prevented the ope

In February 2016, the Internet was shaken by an epidemic caused by the new ransomware Trojan Locky (detected by Kaspersky Lab products as Trojan-Ransom.Win32.Locky). The Trojan has been actively propagating up to the present day. Kaspersky Lab products have reported attempts to infect users with the Trojan in 114 countries around the world.
Analysis of the s

The year in figures
In 2015, Kaspersky Lab detected the following:
2,961,727 malicious installation packages
884,774 new malicious mobile programs – a threefold increase from the previous year
7,030 mobile banking Trojans
Trends of the year
Rise in the number of malicious attachments the user is unable to delete.
Cybercriminals actively using phishing win

The year in figures
According to Kaspersky Lab, in 2015:
The proportion of spam in email flows was 55.28%, which is 11.48 percentage points lower than in 2014.
79% of spam emails were no more than 2 KB in size.
15.2% of spam was sent from the US.
146,692,256 instances that triggered the ‘Antiphishing’ system were recorded.
Russia suffered the hig

Background
Recently we came across a new family of cross-platform backdoors for desktop environments. First we got the Linux variant, and with information extracted from its binary, we were able to find the variant for Windows desktops, too. Not only that, but the Windows version was additionally equipped with a valid code signing signature. Let’s have a loo

Top security stories
Evolution of cyber threats in the corporate sector
Overall statistics for 2015
Predictions 2016
The year in figures
In 2015, there were 1,966,324 registered notifications about attempted malware infections that aimed to steal mon

Spam: features of the quarter
Online dating
The dating theme is typical for spam emails, but in the third quarter of 2015 we couldn’t help but notice the sheer variety appearing in these types of mailings. We came across some rather interesting attempts to deceive recipients and to bypass filters, as well as new types of spam

A family of ransomware Trojans that encrypts files and adds the extensions “.xtbl” and “.ytbl” emerged in late 2014/early 2015, and quickly established itself among the top three most widespread encryptors in Russia (along with Trojan-Ransom.Win32.Cryakl and Trojan-Ransom.BAT.Scatter). This threat has been assigned the verdict Trojan-